14cfe2072430891fcdafb769add58e0b00e7b97b882d8678aa4015462c8b8627

Sharing

Copy URL Twitter E-mail

General

Target

14cfe2072430891fcdafb769add58e0b00e7b97b882d8678aa4015462c8b8627
Size

3.1MB
MD5

d2874ce8319922caf44b59fc90744288
SHA1

32b2cf8fd4b4c1b0e47333550c497f0636116a16
SHA256

14cfe2072430891fcdafb769add58e0b00e7b97b882d8678aa4015462c8b8627
SHA512

ffc34fb27fad61a9aa45be92d89cd7c0044b4509912751ace7468d3a25f0b85549e540b739a31a2274dfa77f3756d7208e823513d06826f891096aae7282140e
SSDEEP

49152:+B3UYYN7c/ABIj2yqwHfMgW9c2bGqrwFNGEhtY0koqAlR1j8SOWSBQLKjaZ+OZWN:k/AqcSn2VrwPGGsUR1oSO92TWFnjGG

Score

N/A

Malware Config

Signatures

Files

14cfe2072430891fcdafb769add58e0b00e7b97b882d8678aa4015462c8b8627
.exe windows x64

79c077794e7988bb7a7a3db3c3b7e2c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualQuery
VirtualProtect
IsBadWritePtr
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
VirtualAlloc
GetProcessHeap
IsBadReadPtr
FreeLibrary
HeapAlloc
SetLastError
GetThreadLocale
HeapFree
MultiByteToWideChar
SetEvent
GetCurrentProcessId
CompareStringA
GetLastError
CloseHandle
CompareStringW
WaitForSingleObject
GetConsoleWindow
CreateFileA
ReadFile
FormatMessageA
FindResourceExA
GetModuleFileNameA
SetFilePointer
CreateEventA
DeleteCriticalSection
GetCurrentProcess
Sleep
InitializeCriticalSection
ExitProcess
GetPrivateProfileIntA
DisableThreadLibraryCalls
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetCPInfo
RtlVirtualUnwind
GetStdHandle
WriteFile
HeapCreate
HeapSetInformation
FlsAlloc
TlsSetValue
lstrcmpiA
GetTickCount
SetEnvironmentVariableW
WideCharToMultiByte
lstrlenW
SetEnvironmentVariableA
lstrcmpiW
GetModuleHandleExW
GetModuleHandleExA
GetModuleHandleW
lstrcmpA
LoadLibraryA
lstrcpyA
GetProcAddress
GetModuleHandleA
GlobalFree
GlobalUnlock
lstrlenA
GlobalLock
GlobalAlloc
LockResource
LoadResource
LeaveCriticalSection
SizeofResource
EnterCriticalSection
FindResourceA
GetCurrentThreadId
FlsFree
TlsFree
FlsSetValue
FlsGetValue
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
GetStartupInfoW
GetSystemTimeAsFileTime
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ResumeThread
ExitThread
GetSystemInfo
HeapSize
HeapReAlloc
HeapDestroy
GetLocaleInfoA
GetACP
GetVersionExA
RaiseException

user32

GetWindowLongA
LoadCursorA
GetSystemMetrics
SetCursor
GetParent
GetCursorPos
GetDesktopWindow
MapWindowPoints
SetWindowPos
SendMessageA
SetForegroundWindow
ReleaseCapture
PostMessageA
BeginPaint
GetWindowRect
SetClassLongA
ReleaseDC
GetClientRect
FillRect
GetDC
EndDialog
DestroyWindow
UnregisterClassA
SetWindowLongA
GetMessageA
TranslateMessage
wsprintfA
LoadStringA
MessageBoxA
KillTimer
EndPaint
SetTimer
CreateDialogIndirectParamA
LoadIconA
DispatchMessageA
PtInRect
DrawIcon

gdi32

DeleteObject
CreateFontIndirectA
CreateDIBSection
CreateSolidBrush
LineTo
MoveToEx
CreatePen
CreateCompatibleBitmap
BitBlt
TextOutA
GetTextExtentPointA
CreateCompatibleDC
SetBkMode
DeleteDC
GetStockObject
SetTextColor
GetObjectA
SelectObject
GetDIBColorTable
StretchBlt
SetDIBColorTable

advapi32

RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

ole32

CoInitializeEx
CreateStreamOnHGlobal

oleaut32

GetErrorInfo
SafeArrayAccessData
SafeArrayDestroy
VariantInit
VariantClear
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayPutElement
SafeArrayCreateVector

gdiplus

GdipCreateBitmapFromStream
GdipFree
GdiplusStartup
GdipAlloc
GdipDisposeImage
GdipDrawImageI
GdipBitmapLockBits
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipGetImagePalette
GdipDeleteGraphics
GdipGetImagePaletteSize
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth

msimg32

TransparentBlt
AlphaBlend

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 886B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79c077794e7988bb7a7a3db3c3b7e2c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

gdiplus

msimg32

version

Sections

.text Size: 313KB - Virtual size: 313KB

.rdata Size: 130KB - Virtual size: 130KB

.data Size: 36KB - Virtual size: 49KB

.pdata Size: 18KB - Virtual size: 17KB

.vmp0 Size: 2.6MB - Virtual size: 2.6MB

.rsrc Size: 1024B - Virtual size: 886B

.text
Size: 313KB - Virtual size: 313KB

.rdata
Size: 130KB - Virtual size: 130KB

.data
Size: 36KB - Virtual size: 49KB

.pdata
Size: 18KB - Virtual size: 17KB

.vmp0
Size: 2.6MB - Virtual size: 2.6MB

.rsrc
Size: 1024B - Virtual size: 886B